ML20204G246
| ML20204G246 | |
| Person / Time | |
|---|---|
| Site: | Braidwood  |
| Issue date: | 03/22/1999 |
| From: | NRC (Affiliation Not Assigned) |
| To: | |
| Shared Package | |
| ML20204G208 | List: |
| References | |
| GL-98-01, GL-98-1, NUDOCS 9903260114 | |
| Download: ML20204G246 (15) | |
Text
_
i U.S. NUCLEAR REGULATORY COMMISSION OFFICE OF NUCLEAR REACTOR REGULATION (NRR)
AUDIT REPORT ON IMPLEMENTATION OF GENERIC LETTER (GL) 98-01
" YEAR 2000 READINESS OF COMPUTER SYSTEMS AT NUCLEAR POWER PLANTS" Docket No:
STN 50-456, STN 50-457 License No:
Commonwealth Edison Facility:
Braidwood Station Location:
Rural Route 1, Box 84 Braceville, IL 60407-9619 Dates:
January 25-28,1999 Audit Team Members:
Michael Waterman, NRR Mario Gareri, NRR Approved by:
Jerry L. Mauck, Acting Chief Instrumentation and Controls Branch Division of Engineering Office of Nuclear Reactor Regulation 9903260114 990322 ENCLOSURE PDR ADOCK 05000456 P
EXECUTIVE
SUMMARY
From January 25 through January 28,1999, the NRC staff conducted an audit of the Year 2000 (Y2K) readiness program at the Braidwood Station (BwS) in accordance with the audit plan for this activity. The purpose of the audit was to (1) assess the effectiveness of the Commonwealth Edison (the licensee) program for achieving Y2K readiness, including continued safe operation of the plants as well as compliance with applicable NRC regulations and license conditions with respect to potential Y2K problems, (2) evaluate Y2K program implementation to assure that the heensee's schedule is in accordance with NRC Generic Letter (GL) 98-01 guidelines for achieving Y2K readiness by July 1,1999, and (3) assess the licensee's contingency plans for addressing risks associated with potential events resulting from Y2K problems. The audit team reviewed selected licensee documentation regarding the licensee's Nuclear Generation Group (NGG) Y2K readiness program and conducted interviews with cognizant licensee personnel.
The results of this audit and subsequent audits at other selected plants will be used by the staff to determine the need for additional action, if any, on Y2K readiness for nuclear power plants.
Based on the staff's assessment and evaluation of the licensee's NGG Y2K readiness program, l
the following observations were made:
j 1.
The licensee has a common Y2K project implementation plan for all its nuclear facilities.
l The NGG Y2K project plan establishes the scope and control of the Y2K activities at the Braidwood Station. The Y2K Project Plan is comprehensive and incorporates the major elements of the nuclear power industry Y2K problem guidance contained in Nuclear Energy Institute (NEI)/ Nuclear Utilities Software Managament Group (NUSMG) 97-07, l
" Nuclear Utility Year 2000 Readiness."
2.
The licensee's Y2K program is receiving appropriate management support and oversight.
Sponsorship for the licensee's Y2K program is aggressive, proactive, and effective.
3.
The licensee began the formal Y2K readiness program in January 1998, and finished the plant inventory and initial assessment phase on March 5,1998. The detailed assessment phase for systems and components was completed in October 1998. Tne licensee has established a tightly-controlled schedule for completing Y2K readiness of all applications and systems by June 30,1999. The Y2K readiness schedule appears to be achievable because of the dedicated effort at this site, and the licensee has received support via information sharing with EPRI, the Utility Services Alliance, the BWR Owners Group, the l
Westinghouse Owners Group, Mid-America Interconnect Network, Inc. (MAIN), and the North American Electric Reliability Council (NERC).
4.
The licensee has started contingency planning. The licensee is using the nuclear industry guidance in NEl/NUSMG 98-07, " Nuclear Utility Year 2000 Readiness Contingency Planning," for this effort and is in the process of integrating contingency planning in the l
NGG Year 2000 Project Plan. The NGG Contingency Plan is scheduled for completion in l
March 1999.
l 5.
The licensee is conducting confirmatory testing of Y2K readiness for those systems and applications not certified by vendors on the licensee's approved supplier's list.
i i
L
6.
The licensee's independent assessment of the NGG Y2K project plan was completed on January 25,1999. Recommendations from that assessment will be addressed by the NGG Y2K project team for subsequent revisions of the NGG Y2K project plan.
7.
Materials management is being addressed by the licensee. The licensee recognizes that the Y2K checks and balances now in place should be proceduralized for future material control.
8.
The licensee uses a matrix format for prioritizing Y2K activities among the components.
The matrix consists of three date usage risk categories and three safety and regulatory risk categories. This process provides the licensee with an objective, unambiguous methodology for prioritizing remediation activities.
9.
The licensee collects assets with the same manufacturer nameplate data into component evaluation packages (CEPs). The results of an evaluation of a single asset are then extrapolated to the remaining assets in the CEP. This process allows efficient use of remediation resources; however, the underlying assumption that all assets with the same manufacturer nameplate data are identical may not be valid in every case.
10.
The licensee has committed to remediate all assets, regardless of priority, by June 30, 1999. This commitment may be adversely affected if the process used for extrapolating a single component evaluation to all other componentt, in the same CEP does not prove to be valid. The licensee is reviewing this issue.
e i
4 11 1
- ~ ~ " -
i
\\
REPORT DETAILS l
i
1.0 INTRODUCTION
l The objectives of the Comed NGG Y2K readiness program audit at the Braidwood Station were L
to' 1.
Assess the effectiveness of the licensee's program for achieving Y2K. readiness, including continued safe operation of the BwS plants as well as compliance with applicable NRC regulations and licenas conditions with respect to potential Y2K problems, l
2.
Evaluate Y2K progrem implementation to assure that the !!censee's schedule is in accordance v.ith NRC Generic Letter (GL) 98-01 guidelines for achieving Y2K readiness l
by July 1,1999, and, 3.
Assess tne licensee's contingency plans for addressing risks associated with potential events resulting from Y2K problems.
j l
~
The audit was conducted in accordance with the established audit plan outline (Attachment 1) i which was based in part on the guidance and requirements contained in the following documerits:
i e
GL 98-01, " Year 2000 Readiness of Computer Systems at Nuclear Power Plants" l
Licensee Response (s) to GL 98-01 1-Plant Technical Specifications and license terms and conditions j
e Applicable NRC regulations i
i NEl/NUSMG 97-07, " Nuclear Utility Year 2000 Readiness" e
NEl/NUSMG 98-07, " Nuclear Utility Year 2000 Readiness Contingency Planning" Prior to the audit at the.nlant site, the audit team obtained and reviewed the licensee's NGG Y2K Project Plan, Rev. O, dated July 21,1998 (Document Number 2 listed in Attachment 2). Upon arrival at the site. tne licensee provided the staff with a draft of Revision 1.
The audit process staded with an entrance meeting attended by the Y2K Project Manager (PM), Y2K project te& n mendwrs, senior and other site persennel, and members of the audit team. The NGG Y2K Project Manager, Mr. Elijah Campbell, described project organization, the project plan and its implementation, project status, and ongoing activities.
Following the meeting, the audit team spent the rest of the audit reviewing the NGG project plan and its associated procedures, the plan implementation products (documents and data bases).
, _. _ _ ~ _ _. _ _. _ _ _. _ _
'2-The auditors also interacted with the BwS Y2K PM and Y2K project team members. The documents reviewed and referenced in this audit are lis'ed in Attachment 2.
2.0 NGG Y2K PROJECT DESCRIPTION 2.1 Project Oraanization The NGG Y2K reeaness program at BwS has approximately 20 full-time equivalent persons supporting the NGG Y2K project. The PM 'or the BwS part of the NGG Y2K project 5 Mr. E.
Adams. The BwS PM reports to the NGG Y2K PM, who reports to the Manager of Nuclear Information Systerns, who reports in tum to the NGG Y2K Executive Sponsor (Mr. D. Helwig, Senior Vice president, Nuclear Services., Nuclear Generation Group), who reports to the NGG Y2K Project Owner (Mr. O. Kingsley, President, Nuclear Generation Group). The sponsoring efforts have bN 'mportant to the success of the NGG Y2K program.
The licensee participates with other organizations that are addressing the Y2K problem. The licensee has received support via information sharing with EPRI, the Utility Services Alliance, the BWR Owners Group, the Westinghouse Owners Group, Mid-America Interconnect Network, Inc.
(MAIN), and the North American Electric Reliability Council (NERC).
2.2 Proiect Plan The NGG Y2K project plan was developed by the licensee to establish the scope and control of the Y2K program, and is applied uniformly at every Comed nuclear power plant site. The NGG Y2K project plan is based on the guidance provided in NEl/NUSMG 97-07, which was accepted by the NRC in NRC Generic Letter 98-01 as guidance that presents one approach for achieving Y2K readiness. The audit team's review confirmed that the NGG Y2K project plan is based on the guidance contained in NEl/NUSMG 97-07.
The NGG Y2K project plan consists of five major phases; initial Inventory and Awaren4%
Detailed Inventory and Ar#assment, Remediation and Testing, Post Remediation Testing of Non-Embedded Systems, and Notification. The initial Inventory and Awareness Phase comprises communicatbns with the NGG organization conceming the Y2K issue and i's importa. ce; 1
developing a preliminary prioritized list of assets, an unaffected list of assets, and a list of unreviewed systems. The Detailed Inventory and Assessment phase consists of walkdowns, creation of component evaluation packages (CEPs), initial contacts with vendors, collection of industry informatien, Y2K susceptibility testing, creation of a remediation asset list, software application remediatien activities, and evaluating supply chain vulnerabilities. The Remediation and Testing phase comprises the elements of contingency planning for Y2K susceptible assets, and repair, replacement or retiring Y2K susceptible assets. The Post Remediation Testing of don-Embedded Systems phase comprises testina of software applications and embedded systems, and performing post-modification vena aion and testing. The Notification phase comprises final certification of assets, updating of the CEP asset database, archival of project quality records, and communiceting certification status to the NRC.
. )
2.2.1 Awareness The NGG Y2K program, which addresses all Comed nuclear plants, was begun on December 1, 1997. The NGG Communication Plan, dated September 8,1998, prescribes actions for briefing 4
i NGG management, educating the general population of NGG personnel via departmental l
newsletters, training personnel who are to perform inventory and assessment activities, and coordinating Y2K team communications. Baed on communications reviewed by the audit team, the staff concluded that the licensee has an effective Y2K awareness program.
2.2.2 Initial Assessment The initial inventory and Awareness Phase comprises communications with the NGG organization conceming the Y2K issue and its importance; developing a preliminary prioritized list of assets, an unaffected list of assets, and a list of unreviewed systems.
4 The licensee contracted with Litton Enterprise Solutions (LES) to develop an initial inventory of NGG assets. The initial assessment inventory methodology document was completed on March j
31,1998. LES provided the licensee a database of prioritized assets that were categorized by usage, and classified according to date usage risk and safety and regulatory risk. The j
meth>dology also provide <W dtial scope, schedule, and estimated resources required for the i
next phase of activities.
J The licensee identified 3,932 potentially affected embedded syctems and components in the NGG. Of these,3,301 embedded systems are compliant or do not pose a date usage risk,189 l
embedded systems are to be remediated, and 142 embedded systems are receiving detailed i
assessment. The licensee also identified 101 software applications to receive detailed i
assessment at the BwS site, and 1,198 software applications to receive detailed assessment by l
the NGG Y2K project team. Approximately 85% of embedded systems and 26% of software applications have been completed.
1 The inventory includes a prioritization of the identified items. The priorities are based on a combination of three date usage risk levels and three safety and regulatory risk levels. This process provides the licensee with an objective, unambiguous methodology for prioritizing remediation activities. The licensee's prioritization process encompasses the criteria described in NEl/NUSMG 97-07.
During the analysis of the initial assessment, the licensee evaluated the the date usage risk and safety and regulatory risk of each item as the basis f.1 assigning the priority; recommending the
[
approach / plan for detailed assessment, testing, and remediation; and estimating the detailed i
assessment /remediation cost. The licensee is committed to remediating every system regardless of priority.
2.2.3.' Detailed Assessment Detailed assessments consist of source code examinations, review of vendor certifications and tests, testing systems, and reviewing industry group certifications and tests. Vendor evaluations encompass evaluation of available mrnufacturer/ developer information; such as coniracts, I
4 correspondence, vendor manuals, intemet listings, vandor owners groups, communications with vendors using the corporate vendor management program standard vendor questionnaire, and direct communication with vendors. Test evaluations involve the development of test procedures and acceptance criteria to determine whether a Y2K problem exists, and to validate Y2K remediation activities.
The detailed assessments performed to date follow the project implementation plan. The audit team found the licensee's documentation sufficient for justifying the results of the detailed assessments, which established Y2K compliance /non-compliance and readiness of systems.
2.2.4. Y2K Teating and Validation Y2K problem susceptibility testing is based en the licensee's determination of the importance of the affected system and knowledge of the item, prior experience with the vindor, and other relevant information. Cd+ical and high purity systems and embedded devices manufactured by vendors that are not on tne licensees approved supplier list are tested by the licensee or through a Y2K testing contract regardless of vendor certification. The licensee's Y2K project team developed the onsite testing procedures to ensure consistency in the implementation of Y2K j
tusceptibility testing.
When plant equipment is also present in the plant simulator, the simulator equipment is used as the base test equipment, and the plant equipment is then certified Y2K ready by its equivalence to the simulator equipment. The licensee uses available technical manuals and data for establishing equivalence between the simulator equipment and/or redundant channels of plant equipmont. Equipment and firmware technical manuals and data under configuration control is the most frequently used source of data for determining equivalence between redundant channels of equipment.
The auditors found only minor documentation discrepancies in some test packages, and in one case, identified a test procedure that needed to be revised to accommodate manual data entry requirements. The auditors discussed these discrepancies with the licensee.
Software systems common to more than one plant site are tested by the NGG Y2k project team.
Embedded components and site-specific software applications are tested at the sites.
Embedded systems that are common to more than one site and have the same manufacturer nameplate data are tested for Y2K susceptibility at one site. The test results are then extrapolated to the embedded systems at the other sites. This testing philosophy may not account for variations in embedded systems subcomponents that are not considered by the vendor to be significant enough to warrant a change in the nameplate data. The auditors discussed this vulnerability in the licensee's testing approach. The licensee will verify the similarity of equipment in the CEPs to determine whsther additional testing is required.
2.2.5. Remediation and Certification Remediation is the process of retiring, replacing or modifying softv :
or embedded software devices that are to be retained in service, but have been deternwd ts be affected by the Y2K problem. The program implementation plan provided Y2K cor. ece criteria for replacement or c
5
- vt W F e
r-p'*
e um-
^a----
w
. modification. After remediation is completed, validation testing is required. The licensee is performing the required Y2K remediation validation testing using the test procedures and test plans developed by the Y2K project. The licensee develops contingency plans for each software application or embedded system that is Y2K susceptible before remediating the vulnerabilities.
Certification is the completion and documentation of Y2K readiness activities for individual systems and components. This includes docrmentation of validated system modifications and I
development of required contingency plans. The audit team found the resulting certifications to be acceptable.
2.2.6. Regulatory Considerations l
The NGG Y2K project plan and associated documents include references to existing plant procedures that have guidance on regulatory considerations, such as applicability of 10 CFR50.59 for plant modification reviews, reportability evaluations per 10 CcR 50.72,10 CFR l
50.73, and 10 CFR Part 21, and operability determinations as required by plant technical l
specifications.
l 2.2.7. Contingency Planning l
l The licensee has begun contingency planning using a framework similar to that described in NEl/NUSMG 98-07, " Nuclear Utility Year 2000 Readiness Contingency Planning." The licensee's contingency planning activities are consistent with the guidance of NEl/NUSMG 98-07. The licensee's schedule for completion of the project contingency plans is realistic.
The licensee is addressing intemal and extemal communications, phone repair, billing, end l
telephone equipment in the offices. The licensee is also evaluating microwave systems, regional l
radio components, nuclear onsite radio / paging systems (which are different at each site),
l blackstart radios, telephone systems, and vendors for certifying compliance. The licensee is l
using a find it and fix it appronch that is consistent with the Y2K plan.
l The licensee developed the project scope based on discussions with project managers. Projects are staffed with subject metter experts (SMEs), who helped identify the inventory, and purchase records and physicalinventory. The licensee conducted cross team meetings with other business units to identify corporate telephony assets. Additional!y, the licensee used vendor websites for analysis, obtained letters from vendors, and contracted with Motorola to help identify inventory assets. In some instances, the NGG Y2K sponsor or NGG Y2K owner has personally called a vendor to get responses lo a questionnaire.
The licensee has conducted some testing of systems that had vendor certifications if the certifications were vague or needed additional clarification. Some systems could not be easily tested, and the licensee had to work around these obstacles. Contingency plans wt.re based on probability of failure, and the, impact of the failure. These evaluations are part of the package documentation. This information was also extracted for developing contingency plans for transmission and distribution (T&D) systems and individual equipment.
t As with the other areis of the licensee's Y2K project, in addition to using SMEs to reviewed j
equipment, the license;e gathered data from materiel data base extractions, and conducted
. walkdowns to identify potential Y2K probe..
% licensee has materials specialists for each piece of equipment, and a lab for testing equipment. Testing was done in house for protective relays, which are microprocessor based. The licensee has found one relay that cannot be force set to 2/29/2000. However, this relay operates correctly when its clock rolls into and rolls out of 1
that date.
Communications are through leased phone lines with diverse communications through microwave, fiber networks, and leased lines. Ameritech is the phone company that provides telecommunications to the licensee. Ameritech is working with the licensee to determine Y2K contingency plans. Meetings have been conducted on a regular basis. MAIN has also recommended that utilities develop backup communications means that are integrated throughout NERC.
The licensee will be watching time zones to the east to anticipate potentia: problems. The licensee has approximately 100 contingency plans from various organizations that will be integrated. MAIN members will do a peer review on May 1,1999. The licensee is scheduled to
]
have approved operating plans by May 30,1999.
j 2.2.8. Y2K Program Management 5
The licensee's Y2K program scimdule is a"gressively tracked on a continuous basis by corporate and site management. The Y2K program progress is summarized in a format that defines the progress of each Y2K system being evaluated. The licensee conducts teleconferences twice weekly between each plant site and corporate management.
i j
2.2.9. Electric Grid issues I
The audit team discussed electric grid issues with the licensee. The licensee provides power to the MAIN, which is one region in the NERC. Tha licensee has initiated activities to address grid I
reliability with respect to the Y2K problem. The licensee produces a net system load approximately 20,000 MW, of which approximately 9.600 MW are produced by nuclear power j
plants. The licensee anticipates the load to be 8,000MW caring the Y2K dcte rollover. The licensee is surveying the customer base to determine whether the customers will be ready, and what they plan to do. The licensee is also evaluating means of tracking load changes faster.
The licensee expects all nuclear plants to be online.
Ea.ch utility in MAIN is required to have a grid restoration plan. The licensee is evaluating contingency plans that will ensure the grid remains operable. The licensee considers balancing the grid load and generation as the biggest risks to grid stability. The licensee plans to have significant reserves available during the rollover period by carrying more than the normal mix of i
generating capabilities, and maintaining a diverse generating capability. The licensee is also evaluating the strategies used in other grids too.
l MAIN has a Y2K contingency planning workforce. Each member utility has a representative, and the workforce meets about once per month to develop guidelines and individual contingency 4
l plans that are consistent throughout the grid. The status report to MAIN is due by March 31, i
a i
t
.~
. 1999, and will describe the Y2K operating plan. The licensee is also attending conferences hosted by NERC and others regarding Y2K contingency planning.
Transmission and diretribution equipment has been surveyed and nothing has been found to date that is highly susceptible to Y2K. The licensee has tested systems and components, and upgrades have been completed as of November 1998. Most remediation was in the area of software - date related issues regarding billing, etc. Some of the T&D testing equipment was found to need some remediation. The licensee is replacing the distribution automation system regardless of Y2K susceptibility. To date,107 applications have required remediation; about half of these systems have been remediated. All that remains is medium and Iow priority systems and components.
2.2.10. Critical Suppliers.
in May 1998, the licensee requestad Y2K Information from 1,265 suppliers who provide nuclear materials. The licensee followed up on the initial questionnaire in December with telefaxed information and followup letters to the suppliers who had not responded to the licensee's request for information. Additionally, the licensee sponsors an annual conference with its key suWiers each October. During the last conference, Y2K was the subject of one presentation. This 1
presentation helped bring the critical suppliers on board because the presidents and vice presidents of these companies were present at the conference. The questionnaire allowed the licensee to reduce the suppliers list from the initial 1,265 suppliers to approximately 800 suppliers. The licensee made many telephone calls to reduce the number of suppliers who had not responded to the licensee's questionnaire. The Project Owner (Mr. Oliver Kingsley) and the Project Sponsor (Mr. David Helwig) made calls to the presidents and vice presidents of the remaining 16 companies. To date, the licensee has received responses from all but four suppliers.
The licensee reviewed the responses to rate the supplier's processes for ensuring Y2K readiness and for evaluating the criticality of the supplies. This rating process was then used to identify potential needs for contingency plans. About three out of four of the suppliers' responses were judged to be questionable. The licensee estimates that there are about a dozen suppliers who will require Nuclear Utilities Procurement and Inspection Committee (NUPIC)-level auditing by the licensee.
The licensee is reviewing warehouse inventories to identify the components that need to be replaced or remediated. There are 3,900 Equipment Part Numbers (EPNs), which the licensee will review a second time after remediation is completed to ensure noncompliant EPNs have not been added to the inventory.
_ _. _ _ ~. _ _ _ _ _. _.
p*
. 3.0 AUDIT TEAM OBSERVATIONS The audit team reviewed in detail 23 software applications packages and 22 embedded systems component evaluation packsges. The licansee's documentation was sufficient for justifying the results of the assessments of Y2K compliance /non-compliance.
The following observations were made by the team auditing the Comed NGG Y2K readiness program, as it was applied at BwS.
1.
The licensee has a common Y2K project implementation plan for all its nuclear facilities.
The NGG Y2K project plan establishes the scope and control of the Y2K activities at the Braidwood Station. The Y2K Project Plan is comprehensive and incorporates the major elements of the nuclear power industry Y2K problem guidance contained in NEl/NUSMG 97-07, " Nuclear Utility Year 2000 Readiness."
2.
The licensee's Y2K program is receiving appropriate management support and oversight.
Sponsorship for the licensee's Y2K program is aggressive, proactive, and effective.
3.
The licensee began the formal Y2K readiness program in January 1998, and finished the plant inventory and initial assessment phase on March 5,1990. The detailed assessment phase for systems and components was completed in October 1998. The licensee has established a tightly-controlled schedule for completing Y2K readiness of all applications and systems by June 30,1999. The Y2K readiness schedule appears to be achievable because of the ded!cated effort at this site, and the licensee has received support via information sharing with EPRI, the Utility Services Alliance, the BWR Owners Group, the Westingi,ouse Owners Group, MAIN, and NERC.
4.
The licensee has started contingency planning. The licensee is using the nuclear industry guidance in NEl/NUSMG 98-07, " Nuclear Utility Year 2000 Readiness Contingency Planning," for this effort and is in the process of integrating contingency planning in the NGG Year 2000 Project Plan. The NGG Contingency Plan is scheduled for completion in March 1999.
5.
The licensee is conducting confirmatory testing of Y2K readiness for those systems and applications not certified by vendors on the licensee's approved supplier's list.
6.
The licensee's independent assessment of the NGG Y2K project plan was completed on January 25,1999. Recommendations from that assessment will be addressed by the NGG Y2K project team for subsequent revisions of the NGG Y2K project plan.
7.
Materials management is being addressed by the licensee. The licensee recognizes that the Y2K checks and balances now in place should be proceduralized for future material control.
~~
+
.-. 8.
The licensee uses a matrix format for prioritizing Y2K activities among the components.
The reatrix consists of three date usage risk categories and three safety and regulatory risk categories. This process provides the licensee with an objective, unambiguous methodology for prioritizing remediation activities.
9.
The licensee collects assets with the same manufacturer nameplate data into CEP. The results of an evaluation of a single asset are then extrapolated to the remaining assets in the CEP. This process allows efficient use of remediation resources; however, the underlying assumption that all assets with the same manufacturer nameplate data are identical may not be valid in every case.
10.
The licensee has committed to remediate all assets, regardless of priority, by June 30, 1999. This commitment may be adversely affected if the process used for extrapolating a single component evaluation to all other components in the same CEP does not prove to be valid. The licensee is reviewing this issue.
i Comed NGG Y2K Audit Plan Outline Documents Reviewed
comed NGG Y2K Audit Plan Outline A.
Project organization 9
Project Manager-C.
Project Sponsor-1.
Participation in Owners Group, Group activities related to the Y2K effort, (EPRI, NEI).
Peer review efforts.
2.
Corporate activities i
3.
Schedule of activities for Y2K readiness Activity Starting Date Finishing Date Communication /
Awareness Project olan Inventory Detailed analysis / testing Remediation Validation / testing Contingency Planr.ing 4.
Inventory (Review the information Database.)
Classification:
5.
Analysis -
Number of items identified as Y2K compliant. Review how this sas determined - Vendor data; any additional testing.
Number of items not Y2K compliant-Accept As is: (Review how this was determined.
require validation testing. Check vendor data, Owners Group data, any testing by vendor?)
ATTACHMENT 1 e
w~
e o2-a)
Vendor evaluation - validation testing based on criticality of item, prior experience with vendo., extent of documentation, or plant knowledge of the item b)
Plant owned or supported software (including tools) evaluation - knowledge based decisions, scanning, testing. When testing proposed, need test specifications and procedures.
I c)
Interface evaluation - Part of corporate plan (?) Grid, substation, communication, i
i d)
Embedded components evaluation - knowledge based decisions and testing.
When sufficient vendor and plant information is available to support a knowledge-based decision, no additional testing is required. (Review the documents when i
this is the case.)
l 6.
Remediation - Use of existing software procedures (?). Verify long term commitments for maintaining Y2K readiness.
l 7.
Y2K Testing and Validation Assessment testing - Per Computer problem / change reports (PCRs) and associated V&V plans and test proceoures.
Testing subsequent to remediation - unit testing; integration testing; system i
testing.
8.
Regulatory Considerations - 10 CFR 50.59 reviews; reportability evaluations per 10 CFR 50.72,50.73 and part 21; operability determinations.
9.
Contingency Planning - NEl/NUSMG 98-07 intemal Risks External Risks Remediation Risks (Vendor support, resource limitations, etc.)
10.
Y2K Management Plan-Tracking against milestones of the project. Management awareness. Status reporting Extemal resources Use of existing procedures for software QA, configuration management, V&V.,
Documentation Audits (any audits done/ reports issued).
l i
i l
1 I
l ATTACHMENT 1
Documents Reviewed 1.
NGG Y2K Project Team (Roster of Participants) 2.
"NGG Year 2000 Project Plan," Rev. O, dated l
3.
NGG Y2K Organization 4.
Device & Application Inventory 6.
NGG Y2K Audit Entrance Meeting Slide Handouts l
i l
l l
l l
l' 1
1 I
l i
1 i
ATTACHMENT 2 i
i 4
k